Lucene search
K

39 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in cups

OpenPrinting CUPS is an open-source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and earlier, the RSS notifier allowed path traversal in notify-recipient-uri e.g., rss:///../job.cache, enabling a remote IPP client to write RSS XML bytes outside of CacheDir/r...

6.5CVSS6.6AI score0.00406EPSS
Exploits1References3
OSV
OSV
added 2024/10/21 12:33 p.m.5 views

USN-7042-3 cups-browsed vulnerability

USN-7042-2 released an improved fix for cups-browsed. This update provides the corresponding update for Ubuntu 24.10. Original advisory details: Simone Margaritelli discovered that cups-browsed could be used to create arbitrary printers from outside the local network. In combination with issues i...

5.3CVSS7.2AI score0.50174EPSS
Exploits15References2
OSV
OSV
added 2024/10/06 7:0 p.m.6 views

UBUNTU-CVE-2024-47176

CUPS is a standards-based, open-source printing system, and cups-browsed contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. cups-browsed binds to INADDRANY:631, causing it to trust any packet from any source, and can cause t...

5.3CVSS7.1AI score0.50174EPSS
Exploits15References12
RedHat Linux
RedHat Linux
added 2024/10/02 6:21 p.m.5 views

cups-filters: libcupsfilters: `cfGetPrinterAttributes` API does not perform sanitization on returned IPP attributes

A flaw was found in OpenPrinting CUPS. In certain conditions, a remote attacker can add a malicious printer or directly hijack an existing printer by replacing the valid IPP URL with a malicious one. Also, it is possible that due to a lack of validation of IPP attributes returned by the server,...

8.6CVSS5.8AI score0.76959EPSS
Exploits5References7
RedHat Linux
RedHat Linux
added 2024/10/02 11:38 a.m.5 views

cups-filters: libcupsfilters: `cfGetPrinterAttributes` API does not perform sanitization on returned IPP attributes

A flaw was found in OpenPrinting CUPS. In certain conditions, a remote attacker can add a malicious printer or directly hijack an existing printer by replacing the valid IPP URL with a malicious one. Also, it is possible that due to a lack of validation of IPP attributes returned by the server,...

8.6CVSS5.8AI score0.76959EPSS
Exploits5References7
RedHat Linux
RedHat Linux
added 2024/10/02 11:35 a.m.4 views

cups-filters: libcupsfilters: `cfGetPrinterAttributes` API does not perform sanitization on returned IPP attributes

A flaw was found in OpenPrinting CUPS. In certain conditions, a remote attacker can add a malicious printer or directly hijack an existing printer by replacing the valid IPP URL with a malicious one. Also, it is possible that due to a lack of validation of IPP attributes returned by the server,...

8.6CVSS5.8AI score0.76959EPSS
Exploits5References7
OSV
OSV
added 2024/09/26 8:30 p.m.10 views

USN-7043-1 cups-filters vulnerabilities

Simone Margaritelli discovered that the cups-filters cups-browsed component could be used to create arbitrary printers from outside the local network. In combination with issues in other printing components, a remote attacker could possibly use this issue to connect to a system, created manipulat...

8.6CVSS7.2AI score0.76959EPSS
Exploits16References3
OSV
OSV
added 2024/09/26 8:24 p.m.6 views

USN-7042-1 cups-browsed vulnerability

Simone Margaritelli discovered that cups-browsed could be used to create arbitrary printers from outside the local network. In combination with issues in other printing components, a remote attacker could possibly use this issue to connect to a system, created manipulated PPD files, and execute...

7.5CVSS7.2AI score0.50174EPSS
Exploits15References2
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.181 views

Xerox Workcentre 5735 LDAP Service Redential Extractor

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Xerox Workcentre 5735 LDAP Service Redential Extractor', 'Description' = %q This module extract the printer's LDAP username and password from Xer...

7.4AI score
Exploits0
NCSC
NCSC
added 2022/01/25 12:0 a.m.4 views

Vulnerability found in Xerox printers

A researcher has found a vulnerability in VersaLink printers from Xerox. The vulnerability allows an unauthenticated remote malicious party capable of causing a denial-of-service cause. In order to exploit the vulnerability, the attacker must obtain a TIFF document with incomplete image directory...

6.7AI score
Exploits0
Microsoft KB
Microsoft KB
added 2021/12/14 8:0 a.m.64 views

December 14, 2021—KB5008255 (Security-only update)

None None...

9.8CVSS6.8AI score0.11963EPSS
Exploits5
Microsoft KB
Microsoft KB
added 2021/12/14 8:0 a.m.125 views

December 14, 2021—KB5008206 (OS Build 18363.1977)

None None...

9.8CVSS6.8AI score0.11963EPSS
Exploits5
Microsoft KB
Microsoft KB
added 2021/12/14 8:0 a.m.150 views

December 14, 2021—KB5008285 (Security-only update)

None None...

9.8CVSS6.8AI score0.11963EPSS
Exploits5
Microsoft KB
Microsoft KB
added 2021/12/14 8:0 a.m.266 views

December 14, 2021—KB5008207 (OS Build 14393.4825) - EXPIRED

None None...

9.8CVSS6.8AI score0.11963EPSS
Exploits5
Microsoft KB
Microsoft KB
added 2021/12/14 8:0 a.m.105 views

December 14, 2021—KB5008277 (Monthly Rollup)

None None...

9.8CVSS6.8AI score0.11963EPSS
Exploits5
Microsoft KB
Microsoft KB
added 2021/12/14 8:0 a.m.54 views

December 14, 2021—KB5008282 (Security-only update)

None None...

9.8CVSS6.8AI score0.11963EPSS
Exploits5
Microsoft KB
Microsoft KB
added 2021/11/22 12:0 a.m.18 views

November 22, 2021—KB5007266 (OS Build 17763.2330) Preview

None None...

6.1AI score
Exploits0
Microsoft KB
Microsoft KB
added 2021/11/09 8:0 a.m.416 views

November 9, 2021—KB5007192 (OS Build 14393.4770) - EXPIRED

None None...

8.8CVSS6.8AI score0.74265EPSS
Exploits10
ATTACKERKB
ATTACKERKB
added 2021/07/16 9:15 p.m.494 views

CVE-2021-34481

A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or...

9.8CVSS8AI score0.45423EPSS
In wildExploits1References2Affected Software25
NVD
NVD
added 2015/10/14 11:59 p.m.17 views

CVE-2015-5583

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to bypass intended sandbox restrictions and obtain sensitive PD...

4.3CVSS6.1AI score0.04042EPSS
Exploits0References3
Rows per page
Query Builder